Connect version 4.20 broke local http access?

Yes, it might make sense to allow HTTP for local host, and say 192.168 addresses.  The default net used by about every router shipped.

One question that has yet to be asked, is if this change to GCM is being driven by a change to Android itself, as was the case to ATS, which could complicate things.

Yes, it might make sense to allow HTTP for local host, and say 192.168 addresses.  The default net used by about every router shipped.

One question that has yet to be asked, is if this change to GCM is being driven by a change to Android itself, as was the case to ATS, which could complicate things.

totally agree.

desired behaviour should be allow http for localhost and local/private network, to allow to communicate with devices the local network.

In addition: If for whatever reaon https is enforced, the error code should be correct (1001 instead of 300), Because with current implementation, i cannot create the correct user friendly error to the user.

Yes I understand what you meant too. I just don't see why you'd limit it to 192.168.* and not include 10.* and 172.16.*.

Some orgs use all 3. To be fair, most consumers wouldn't.

Sorry: obviously I should amend my post to read:

"e.g. If your IP address is 192.168.0.1, then no router will ever pass traffic between you and the internet."

I understand that.  It's just that 192.168 is the most common being class C and the default on may things.  There's one block for class A, one for class B and one for class C addresses

To be clear, the IPv4 (and IPv6) standards already have clear notions of which IP addresses are local/private/non-routable and which are not (as alluded to above). e.g. If your IP address is 192.168.0.1, then no router will ever pass traffic between you and another network. My understanding is that Apple chose to allow HTTP for all IP addresses, but they could've easily just decided to apply that policy to the non-routable IP addresses.